More Companies Caught Abusing Apples Enterprise Certificate Program
More bad news today for Apples Enterprise Certificate Program as TechCrunch has reported that dozens of pornography and gambling apps are being distributed to users using this system.
Just last week Apple came under fire as it was reported that both Google and Facebook were using the Enterprise Certificate Program to get users outside their company to install apps not approved by Apple. Those apps were found to be tracking users every move on their devices and sending the information back to Google or Facebook to be studied.
This latest report shows its time for Apple to crack down on their Enterprise Certificate Program and begin monitoring apps business deploy using this system.
When businesses or companies sign up for the enterprise Certificate program, they are able t develop and deploy apps to their employees without uploading them to the Apple App Store. In his way businesses can get around the policies that Apple sets for public apps, allowing them to do anything they want with the code on the app and phone.
Apples Enterprise policy specifically states this program cannot be used to deploy apps outside their company.
“You may not use, distribute or otherwise make Your Internal Use Applications available to Your Customers”
“Developers that abuse our enterprise certificates are in violation of the Apple Developer Enterprise Program Agreement and will have their certificates terminated, and if appropriate, they will be deleted from our Developer Program. We are continuously evaluating the cases of misuse and are prepared to take immediate action.”
Last week Apple exercised its right to terminate the developer certificates of Google and Facebook causing significant issues within the company. Apple reinstated the certificates shortly after Google and Facebook agreed to remove their VPN tracking apps.
Apple has been promoting security and privacy for their devices, but I think its time for the company to back that up and begin cracking down on companies for misusing the enterprise certificate programs. I could easily see Apple developing some form of "App Store" for business where enterprise apps need to be approved by the company before being deployed or another way for Apple to stop companies from using this tool to bypass the App Store.